How to Factory Reset Juniper SRX Device?

To factory reset Juniper SRX Device you can use 2 methods – One using the reset button and the other using factory default configuration. Additionally, we will discuss the use of “request system zeroize” command; and how it differs from the factory default.

Juniper SRX Device Factory Reset

Sometimes administrators working on Junos platform need a juniper factory reset. Juniper reset has quite a few options to meet this requirement – one via manually resetting SRX to the default setting and one via issuing CLI command. So let’s understand both the ways in detail –

Using the Reset Button

The config reset button functionality is available in SRX and J-Series platform on juniper reset devices. The reset Config button is available on the front panel of the SRX device.

User can press this button to reset the device to its factory default configuration.  The Reset Config button is depressed to prevent from being accidentally pressed by anyone working near the device.

We need to put a straightened paper clip or pen to press the button. All the configuration files, including the rescue configuration and backup configurations, will be deleted.

Following list of JUNIPER SRX platforms come under the purview of this configuration –

• SRX650
• SRX550
• SRX240
• SRX220
• SRX210
• SRX110
• SRX100

Related – Juniper Datasheets

Using the Load Factory-Default Command

The load factory-default command in the config mode will only erase the configuration and load the factory default configuration. However, you have to set the root-authentication password prior to committing the configuration.

Type the load factory-default command:

root@host# load factory-default

Use the set system root-authentication plain-text-password command to set a new root password for the device:

root@host# set system root-authentication plain-text-password

Type the root password and retype it to confirm it:

New password:Retype new password:

Caution: Prior to committing the changes, if an IP address is not assigned for the ‘ge-0/0/0′ interface, create a local user account and type the routing information; either via the CLI configuration or DHCP. The SRX device will no longer be remotely accessible.

To manage the SRX firewall device, you must connect a PC or laptop to the physical console or attach the PC or laptop to a subnet that is directly connected to the ge-0/0/0 interface, which is assigned an IP address of ‘192.168.2.1′.

Use the commit and-quit command to commit the configuration and exit the configuration mode –

root@host# commit and-quit

After the commit, the factory default configuration will be the running configuration.

Optional Cleanup: Erase All Configuration and Logs

For a deeper wipe (logs, configs, etc.), you can use “request system zeroize” command. Login to your SRX device, type CLI, press enter and then execute the zeroize command.

request system zeroize

**Use with caution – This is a full wipe**

Difference: Load Factory-Default vs Request System Zeroize

Download the comparison table: load factory-default vs request system zeroize

Continue Reading

Useful Juniper Netscreen Commands

Enable/Disable Interface in Juniper

Are you Preparing for your Next Job Interview?

If you want to learn more about Juniper SRX, then check our e-book on Juniper SRX Interview Questions and Answers in easy to understand PDF Format explained with relevant Diagrams (where required) for better ease of understanding.

Reference –

Juniper Support Portal: https://supportportal.juniper.net/s/article/SRX-Getting-Started-Factory-Reset?language=en_US

ABOUT THE AUTHOR

Rashmi Bhardwaj

Founder of AAR TECHNOSOLUTIONS, Rashmi is an evangelist for IT and technology. With more than 12 years in the IT ecosystem, she has been supporting multi domain functions across IT & consultancy services, in addition to Technical content making.

You can learn more about her on her linkedin profile – Rashmi Bhardwaj